Audience
● This course is designed for Software Developers, DevOps, Security Team, QA, Infra, Build & Release, and Freshers with a bit of scripting and knowledge of software terms, tools & technologies.
Expectation
● Knowledge of and hands-on experience with DevSecOps.
● Securing the CI/CD pipeline.
● A rare skill in the market, which will land you an excellent offer and an awesome opportunity.
● It may be the next hype, similar to DevOps, which came around 8-9 years back.
DevSecOps : Securing CI/CD
● It is about integrating security into the CI/CD pipeline, which helps minimize threats/vulnerabilities with every code check-in.
● Automation of the security part.
● The goal here is to bridge not only the traditional gaps between the Dev & Ops teams, but also the gap between the Dev, Sec & Ops teams.
DevOps Vs DevSecOps
● Traditional Build Phases
● Future Build Phases
Why DevSecOps
● Companies implementing DevSecOps address vulnerabilities faster than others.
● Higher speed and agility : security teams
● Quality and compliance assurance.
● Implement, educate & follow best practices for secure coding and infrastructure provisioning/deployment/configuration.
Approaching DevSecOps
● Security training : How to code securely.
● Regular code analysis with the CI/CD pipeline.
● Regular compliance monitoring.
● Include SAST and DAST phases in the pipeline.
● Define criteria for security phases to pass/fail builds.
● Include security issues as part of sprints.
DevSecOps : hot buzz
● As DevOps & agile enable speed, they do come with risk as well.
● Frequent code changes, expanding attack surfaces, and the day-by-day growing number of hacks are building the market for DevSecOps.
● 80% of threats & vulnerabilities can be tackled if we enable DevSecOps (20% effort): the famous 80/20 rule or “Pareto principle”.
Future Scope: DevSecOps
DevOps & Security salary graph
Sources :
https://www.payscale.com/research/SG/Job=Development_Operations_(DevOps)_Engineer/Salary
https://www.payscale.com/research/US/Job=Information_Security_Analyst/Salary